Jul 15, 2025 Cyber Threat Intelligence
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Daily summary
- 10 new critical disclosures — review patch status on exposed services.
Top threats today
Three highest-priority changes — analyst brief, not a CVE dump.
Critical exposure
CVE-2025-34112
An authenticated multi-stage remote code execution vulnerability exists in Riverbed SteelCentral...
- CVSS 10
- Remote code execution exposure
New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.
Critical exposure
CVE-2025-52376
An authentication bypass vulnerability in the /web/um_open_telnet.cgi endpoint in Nexxt Solutions...
- CVSS 9.8
- Authentication bypass — unauthenticated access risk
New critical disclosure (CVSS 9.8) — high severity with a short public awareness window before exploit material typically surfaces.
High-risk exposure
CVE-2025-34110
Trueconf Server Directory Traversal
New high-severity Trueconf Server Directory Traversal — watch for exploit drops and scanner noise in the first 72 hours after disclosure.
Active exploitation
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
View KEV additions
Exploitation dynamics
Nothing flagged in this category for this digest.
See EPSS increases
New critical disclosures
A directory traversal vulnerability exists in ColoradoFTP Server ≤ 1.3 Build 8 for Windows, allowing unauthenticated attackers to read or...
An unauthenticated arbitrary file upload vulnerability exists in Tiki Wiki CMS Groupware version 15.1 and earlier via the ELFinder compon...
An authenticated multi-stage remote code execution vulnerability exists in Riverbed SteelCentral NetProfiler and NetExpress 10.8.7 virtua...
VMware ESXi, Workstation, and Fusion contain an integer-overflow vulnerability in the VMXNET3 virtual network adapter.
VMware ESXi, Workstation, and Fusion contain an integer-underflow in VMCI (Virtual Machine Communication Interface) that leads to an out-...
VMware ESXi, Workstation, and Fusion contain a heap-overflow vulnerability in the PVSCSI (Paravirtualized SCSI) controller that leads to...
Conjur provides secrets management and application identity for infrastructure.
An attacker of Secrets Manager, Self-Hosted installations that route traffic from Secrets Manager to AWS through a misconfigured network...
Vulnerability in Oracle Application Express (component: Strategic Planner Starter App).
An authentication bypass vulnerability in the /web/um_open_telnet.cgi endpoint in Nexxt Solutions NCM-X1800 Mesh Router firmware UV1.2.7...
View critical disclosures
cvelogic
Threat Intelligence